COMDEXvirtual: Rise Of The Professional Hacker

By Stefanie Hoffman
November 17, 2010 12:45 PM ET

Page 2 of 2

Inflation in this underground economy occurs when security mechanisms render old techniques outdated, requiring more technical expertise and investment from the hacker, Thompson said.

Subsequently, Thompson recommended that truly protecting data will require organizations automatically to factor security into their IT infrastructure.

"Security is about mitigating risk at some cost," he said, adding that many security organizations actually overspend on security because they haven't assessed their risk. Perhaps surprisingly, "most cost of breaches comes from simple failures, not form attacker ingenuity," he said. "This is an important lesson for us to learn."

Most users will make naturally poor decisions about security simply because it's not intuitive from a performance or usability standpoint. Therefore, organizations will have to make security an inherent part of their culture by enabling users to make the best security choices, he said.

"We need to outsource the minimal amount of security decisions to the user or make it easy for them to make good security choices," he said. "Security is everyone's responsibility. It needs to be weaved in. We all have to understand security risks to some degree."

Register now to attend COMDEXvirtual or to access on-demand sessions.

<< Previous | 1 | 2

To continue reading this article, please download the free CRN Tech News app for your iPad or Windows 8 device.

Related: Videos | Slide Shows | Comments

SHARE THIS ARTICLE

More Security

Comments by Vanilla

Recent Articles

Head-To-Head: Symantec Vs. McAfee In Endpoint Protection

McAfee and Symantec are archrivals with a firm grip on the North American security market. CRN pits both vendors' endpoint security products against each other and names a winner.

The 8 Steps Behind The Massive $45M Cyber Bank Heist

More than $45 million was stolen from banks in the U.S. and 19 other countries in a scheme that law enforcement is calling an international conspiracy to drain millions from bank accounts using stolen debit cards and PIN numbers. Here's how they did it.

Name Of The Game: Top 10 States For Identity Theft

A Federal Trade Commission report provides statistics on identity theft and fraud complaints in 2012. Learn which state has the dubious distinction of having the most victims.

More Slide Shows

Related Videos

Loading...

Related Articles

Sophos Readying MSP Program Expansion

Mandiant: Report Sending Chinese Cyberattackers Back To The Drawing Board?

Turn Any Tablet Into A Custom Appliance

Blue Coat To Acquire Solera Networks For Threat Intelligence, Analytics

	Head-To-Head: Symantec Vs. McAfee In Endpoint Protection McAfee and Symantec are archrivals with a firm grip on the North American security market. CRN pits both vendors' endpoint security products against each other and names a winner.
	The 8 Steps Behind The Massive $45M Cyber Bank Heist More than $45 million was stolen from banks in the U.S. and 19 other countries in a scheme that law enforcement is calling an international conspiracy to drain millions from bank accounts using stolen debit cards and PIN numbers. Here's how they did it.
	Name Of The Game: Top 10 States For Identity Theft A Federal Trade Commission report provides statistics on identity theft and fraud complaints in 2012. Learn which state has the dubious distinction of having the most victims.
	More Slide Shows